FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php -- potential overflow in _php_stream_scandir

Affected packages
5.4 < php5 < 5.4.5
5.3 <= php5 < 5.3.15
5.2 <= php5 < 5.2.17_10
php53 < 5.3.15
php52 < 5.2.17_10

Details

VuXML ID bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89
Discovery 2012-07-19
Entry 2012-07-23
Modified 2013-01-15

The PHP Development Team reports:

The release of PHP 5.4.15 and 5.4.5 fix a potential overflow in _php_stream_scandir

References

CVE Name CVE-2012-2688
URL http://www.php.net/archive/2012.php#id2012-07-19-1